Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / webui-vue / ce7db82c9582c4dac04ac81d9af6b557ae7965e3 / . / src / store / modules / Authentication / AuthenticanStore.js
blob: e876f780e178fc11bcb232962ab680f8da5c30af [file] [log] [blame]
Paul Fertser6de03412024-07-05 10:46:38 +0000[diff] [blame]1import api, { isPasswordExpired } from '@/store/api';
Derick Montaguefded0d12019-12-11 06:16:40 -0600[diff] [blame]2import Cookies from 'js-cookie';
SurenNeware61859092020-10-01 09:37:32 +0530[diff] [blame]3import router from '@/router';
Paul Fertser2b335262024-04-11 10:51:41 +0000[diff] [blame]4import { roles } from '@/router/routes';
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]5
6const AuthenticationStore = {
7 namespaced: true,
8 state: {
kirankumarb07b89eed22023-01-12 15:50:30 +0530[diff] [blame]9 consoleWindow: null,
Yoshie Muranaka4b0fc1d2020-01-06 07:36:16 -0800[diff] [blame]10 authError: false,
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]11 xsrfCookie: Cookies.get('XSRF-TOKEN'),
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]12 isAuthenticatedCookie: Cookies.get('IsAuthenticated'),
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]13 sessionURI: localStorage.getItem('sessionURI'),
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]14 xAuthToken: null,
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]15 },
16 getters: {
kirankumarb07b89eed22023-01-12 15:50:30 +0530[diff] [blame]17 consoleWindow: (state) => state.consoleWindow,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]18 authError: (state) => state.authError,
19 isLoggedIn: (state) => {
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]20 // We might have gotten XSRF-TOKEN (and HttpOnly SESSION cookie) by Mutual TLS authentication,
21 // without going through explicit Session creation
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]22 return (
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]23 state.xsrfCookie !== undefined ||
24 state.isAuthenticatedCookie == 'true' ||
25 state.xAuthToken !== null
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]26 );
27 },
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]28 // Used to authenticate WebSocket connections via subprotocol value
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]29 token: (state) => state.xsrfCookie,
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]30 },
31 mutations: {
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]32 authSuccess(state, { session, token }) {
Yoshie Muranaka4b0fc1d2020-01-06 07:36:16 -0800[diff] [blame]33 state.authError = false;
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]34 state.xsrfCookie = Cookies.get('XSRF-TOKEN');
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]35 // Preserve session data across page reloads and browser restarts
36 localStorage.setItem('sessionURI', session);
37 state.sessionURI = session;
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]38 // If we didn't get the XSRF cookie it means we are talking to a
39 // Redfish implementation that is not bmcweb. In this case get the token
40 // from headers and send it with the future requests, do not permanently
41 // save anywhere.
42 if (state.xsrfCookie === undefined) {
43 api.set_auth_token(token);
44 state.xAuthToken = token;
45 }
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]46 },
Derick Montaguea06fe462020-03-11 13:48:42 -0500[diff] [blame]47 authError(state, authError = true) {
48 state.authError = authError;
Derick Montague676f2fc2019-12-23 20:53:49 -0600[diff] [blame]49 },
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]50 logout(state) {
Derick Montaguefded0d12019-12-11 06:16:40 -0600[diff] [blame]51 Cookies.remove('XSRF-TOKEN');
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]52 Cookies.remove('IsAuthenticated');
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]53 api.set_auth_token(undefined);
Sukanya Pandeyb1f559f2020-04-28 20:18:28 +0530[diff] [blame]54 localStorage.removeItem('storedUsername');
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]55 state.xsrfCookie = undefined;
56 state.isAuthenticatedCookie = undefined;
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]57 localStorage.removeItem('sessionURI');
58 state.sessionURI = null;
Paul Fertser09a3b9e2024-07-03 14:11:03 +0000[diff] [blame]59 state.xAuthToken = null;
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]60 state.consoleWindow = false;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]61 },
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]62 },
63 actions: {
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]64 login({ commit }, { username, password }) {
Derick Montaguea06fe462020-03-11 13:48:42 -0500[diff] [blame]65 commit('authError', false);
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]66 return api
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]67 .post('/redfish/v1/SessionService/Sessions', {
68 UserName: username,
69 Password: password,
Ed Tanousebef6ee2023-08-07 18:25:41 -0700[diff] [blame]70 })
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]71 .then(({ headers, data }) => {
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]72 commit('authSuccess', {
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]73 session: headers['location'],
74 token: headers['x-auth-token'],
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]75 });
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]76 setSessionPrivilege(commit, data);
77 return isPasswordExpired(data);
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]78 })
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]79 .catch((error) => {
Derick Montaguefded0d12019-12-11 06:16:40 -0600[diff] [blame]80 commit('authError');
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]81 throw new Error(error);
82 });
83 },
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]84 logout({ commit, state }) {
Yoshie Muranaka6ce1a072019-12-06 14:13:59 -0800[diff] [blame]85 api
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]86 .delete(state.sessionURI)
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]87 .catch(() =>
88 console.log(
89 "Couldn't DELETE Session, proceeding with the logout anyway to get in sync with the backend.",
90 ),
91 )
Paul Fertser1ff8e892024-06-10 08:51:51 +0000[diff] [blame]92 .then(() => commit('logout'))
Thang Q. Nguyen780733a2023-04-19 14:27:18 +0700[diff] [blame]93 .then(() => router.push('/login'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]94 .catch((error) => console.log(error));
Yoshie Muranaka2c98b092020-06-22 13:28:09 -0700[diff] [blame]95 },
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]96 getSessionPrivilege({ commit, state }) {
Damian Celicoaeb19812022-11-24 02:00:53 +0100[diff] [blame]97 return api
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]98 .get(state.sessionURI)
99 .then(({ data }) => setSessionPrivilege(commit, data));
Yoshie Muranakad624dae2020-09-21 14:35:58 -0700[diff] [blame]100 },
101 resetStoreState({ state }) {
102 state.authError = false;
103 state.xsrfCookie = Cookies.get('XSRF-TOKEN');
104 state.isAuthenticatedCookie = Cookies.get('IsAuthenticated');
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]105 },
106 },
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]107};
108
Paul Fertserce7db822024-07-05 11:04:04 +0000[diff] [blame^]109const setSessionPrivilege = (commit, data) => {
110 // If the backend didn't provide the role information in the Session object
111 // our best bet is to assume the Administrator role to avoid hiding
112 // potentially useful UI elements. Everything security-sensitive is validated
113 // on the backend side anyway, so this is safe.
114 commit('global/setPrivilege', data.Roles?.[0] ?? roles.administrator, {
115 root: true,
116 });
117};
118
Derick Montaguee080a1a2019-12-04 16:30:08 -0600[diff] [blame]119export default AuthenticationStore;